package com.demo.config;

import com.demo.filter.TokenFiler;
import com.demo.handler.AppAuthenticationFailureHandler;
import com.demo.handler.AppAuthenticationSuccessHandler;
import com.demo.handler.AppLogoutSuccessHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableMethodSecurity
public class SecurityConfig {
    @Autowired
    private AppAuthenticationSuccessHandler appAuthenticationSuccessHandler;
    @Autowired
    private AppAuthenticationFailureHandler appAuthenticationFailureHandler;
    @Autowired
    private AppLogoutSuccessHandler appLogoutSuccessHandler;
    @Autowired
    private TokenFiler tokenFiler;
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
        return httpSecurity
                // 表单设置
                .formLogin((formLogin)->{
                    formLogin
//                            .failureForwardUrl("/doLogin") // 处理登录请求URL
//
//                            .usernameParameter("username") // 登录账号参数名
//                            .passwordParameter("password") // 登录密码参数名

                            .successHandler(appAuthenticationSuccessHandler) //登录成功处理器
                            .failureHandler(appAuthenticationFailureHandler); // 登录失败处理器
                })
                // 请求相关设置
                .authorizeHttpRequests((authorize)->{
                    authorize.anyRequest().authenticated(); // 所有请求都需要认证
                })
                // 关闭跨站请求伪造
                .csrf((csrf)->{
                    csrf.disable();
                })
                // 关闭session使用策略
                .sessionManagement((sessionManagement)->{
                    sessionManagement.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
                })
                // 登出配置
                .logout((logout)->{
                    logout.logoutSuccessHandler(appLogoutSuccessHandler); // 请求大亨出处理器
//                            .logoutUrl("/logout"); // 登出URL
                })
                // 将token转换过滤器存放到用户认证过滤之后
//                .addFilterBefore(tokenFiler, UsernamePasswordAuthenticationFilter.class)
                .addFilterAfter(tokenFiler, UsernamePasswordAuthenticationFilter.class)

                .build();
    }
}
